101 lines
4.1 KiB
Diff
101 lines
4.1 KiB
Diff
The problem has been fixed with gmime 3.2.7 already.
|
|
--- a/configure
|
|
+++ b/configure
|
|
@@ -508,96 +508,13 @@ if pkg-config --exists "gmime-3.0 >= $GM
|
|
|
|
printf "OK.\n"
|
|
|
|
- cat > _check_gmime_cert.c <<EOF
|
|
-#include <stdio.h>
|
|
-#include <gmime/gmime.h>
|
|
-
|
|
-int main () {
|
|
- GError *error = NULL;
|
|
- GMimeParser *parser = NULL;
|
|
- GMimeApplicationPkcs7Mime *body = NULL;
|
|
- GMimeSignatureList *sig_list = NULL;
|
|
- GMimeSignature *sig = NULL;
|
|
- GMimeCertificate *cert = NULL;
|
|
- GMimeObject *output = NULL;
|
|
- int len;
|
|
-
|
|
- g_mime_init ();
|
|
- parser = g_mime_parser_new ();
|
|
- g_mime_parser_init_with_stream (parser, g_mime_stream_file_open("$srcdir/test/corpora/pkcs7/smime-onepart-signed.eml", "r", &error));
|
|
- if (error) return !! fprintf (stderr, "failed to instantiate parser with test/corpora/pkcs7/smime-onepart-signed.eml\n");
|
|
-
|
|
- body = GMIME_APPLICATION_PKCS7_MIME(g_mime_message_get_mime_part (g_mime_parser_construct_message (parser, NULL)));
|
|
- if (body == NULL) return !! fprintf (stderr, "did not find a application/pkcs7 message\n");
|
|
-
|
|
- sig_list = g_mime_application_pkcs7_mime_verify (body, GMIME_VERIFY_NONE, &output, &error);
|
|
- if (error || output == NULL) return !! fprintf (stderr, "verify failed\n");
|
|
-
|
|
- if (sig_list == NULL) return !! fprintf (stderr, "no GMimeSignatureList found\n");
|
|
- len = g_mime_signature_list_length (sig_list);
|
|
- if (len != 1) return !! fprintf (stderr, "expected 1 signature, got %d\n", len);
|
|
- sig = g_mime_signature_list_get_signature (sig_list, 0);
|
|
- if (sig == NULL) return !! fprintf (stderr, "no GMimeSignature found at position 0\n");
|
|
- cert = g_mime_signature_get_certificate (sig);
|
|
- if (cert == NULL) return !! fprintf (stderr, "no GMimeCertificate found\n");
|
|
-#ifdef CHECK_VALIDITY
|
|
- GMimeValidity validity = g_mime_certificate_get_id_validity (cert);
|
|
- if (validity != GMIME_VALIDITY_FULL) return !! fprintf (stderr, "Got validity %d, expected %d\n", validity, GMIME_VALIDITY_FULL);
|
|
-#endif
|
|
-#ifdef CHECK_EMAIL
|
|
- const char *email = g_mime_certificate_get_email (cert);
|
|
- if (! email) return !! fprintf (stderr, "no email returned");
|
|
- if (email[0] == '<') return 2;
|
|
-#endif
|
|
- return 0;
|
|
-}
|
|
-EOF
|
|
-
|
|
- # see https://github.com/jstedfast/gmime/pull/90
|
|
- # should be fixed in GMime in 3.2.7, but some distros might patch
|
|
printf "Checking for GMime X.509 certificate validity... "
|
|
|
|
- if ! TEMP_GPG=$(mktemp -d "${TMPDIR:-/tmp}/notmuch.XXXXXX"); then
|
|
- printf 'No.\nCould not make tempdir for testing X.509 certificate validity support.\n'
|
|
- errors=$((errors + 1))
|
|
- elif ${CC} -DCHECK_VALIDITY ${CFLAGS} ${gmime_cflags} _check_gmime_cert.c ${gmime_ldflags} -o _check_x509_validity \
|
|
- && echo disable-crl-checks > "$TEMP_GPG/gpgsm.conf" \
|
|
- && echo "4D:E0:FF:63:C0:E9:EC:01:29:11:C8:7A:EE:DA:3A:9A:7F:6E:C1:0D S" >> "$TEMP_GPG/trustlist.txt" \
|
|
- && GNUPGHOME=${TEMP_GPG} gpgsm --batch --quiet --import < "$srcdir"/test/smime/ca.crt
|
|
- then
|
|
- if GNUPGHOME=${TEMP_GPG} ./_check_x509_validity; then
|
|
gmime_x509_cert_validity=1
|
|
printf "Yes.\n"
|
|
- else
|
|
- gmime_x509_cert_validity=0
|
|
- printf "No.\n"
|
|
- if pkg-config --exists "gmime-3.0 >= 3.2.7"; then
|
|
- cat <<EOF
|
|
-*** Error: GMime fails to calculate X.509 certificate validity, and
|
|
-is later than 3.2.7, which should have fixed this issue.
|
|
-
|
|
-Please follow up on https://github.com/jstedfast/gmime/pull/90 with
|
|
-more details.
|
|
-EOF
|
|
- errors=$((errors + 1))
|
|
- fi
|
|
- fi
|
|
printf "Checking whether GMime emits email addresses with angle brackets... "
|
|
- if ${CC} -DCHECK_EMAIL ${CFLAGS} ${gmime_cflags} _check_gmime_cert.c ${gmime_ldflags} -o _check_email &&
|
|
- GNUPGHOME=${TEMP_GPG} ./_check_email; then
|
|
- gmime_emits_angle_brackets=0
|
|
- printf "No.\n"
|
|
- else
|
|
gmime_emits_angle_brackets=1
|
|
printf "Yes.\n"
|
|
- fi
|
|
- else
|
|
- printf 'No.\nFailed to set up gpgsm for testing X.509 certificate validity support.\n'
|
|
- errors=$((errors + 1))
|
|
- fi
|
|
- if [ -n "$TEMP_GPG" -a -d "$TEMP_GPG" ]; then
|
|
- rm -rf "$TEMP_GPG"
|
|
- fi
|
|
|
|
# see https://dev.gnupg.org/T3464
|
|
# there are problems verifying signatures when decrypting with session keys with GPGME 1.13.0 and 1.13.1
|